1 / 28

Secure Civil Navigation and Timing

Secure Civil Navigation and Timing. Todd Humphreys | Aerospace Engineering The University of Texas at Austin MITRE | July 20, 2012. Acknowledgements. University of Texas Radionavigation Lab graduate students Jahshan Bhatti , Kyle Wesson, Ken Pesyna , Zak Kassas , and Daniel Shepard

dillon
Download Presentation

Secure Civil Navigation and Timing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure Civil Navigation and Timing Todd Humphreys | Aerospace Engineering The University of Texas at Austin MITRE | July 20, 2012

  2. Acknowledgements • University of Texas Radionavigation Lab graduate students JahshanBhatti, Kyle Wesson, Ken Pesyna, Zak Kassas, and Daniel Shepard • Mark Psiaki, Brady O’Hanlon, Ryan Mitch (Cornell) • Brent Ledvina(Coherent Navigation) • Aaron Fansler(Northrop Grumman)

  3. 4:00 AM May 2, 2000 Meters Error UTC Hours

  4. GPS Jammers

  5. GPS Spoofer

  6. GPS Spoofer

  7. GPS Spoofer

  8. GPS Spoofer

  9. GPS Spoofer

  10. GPS Spoofer

  11. iPhone Video

  12. University of Texas Spoofing Testbed

  13. Commandeering a UAV via GPS Spoofing Target UAV Receive Antenna External Reference Clock Spoofed Signals as a “Virtual Tractor Beam” Control Computer Internet or LAN Transmit Antenna GPS Spoofer UAV coordinates from tracking system

  14. UAV Video

  15. Surprises (1/2) • RAIM was helpful for spoofing: we couldn’t spoof all signals seen by UAV due to our reference antenna placement, but the Hornet Mini’s uBlox receiver rejected observables from authentic signals, presumably via RAIM • Overwhelming power is required for clean capture: A gradual takeover leads to large (50-100 m) multipath-type errors as the authentic and counterfeit signals interact • The UAV’s heavy reliance on altimeter for vertical position was easily overcome by a large vertical GPS velocity

  16. Surprises (2/2) • Not possible even to station keep with a captured UAV based on visual position estimates: GPS capture breaks flight controller’s feedback loop; now spoofer must play the role formerly assumed by GPS. Implication: An accurate radar or LIDAR system would be required for fine “control” of UAV via spoofing • Compensating for all system and geometric delays to achieve meter-level alignment is challenging but quite possible • In high-stakes situations, graduate students are steadier than assistant professors

  17. Recommendations • Requirenavigation systems for UAVs above18 lbs to be certified “spoof-resistant” • Require navigation and timing systems in critical infrastructure to be certified “spoof-resistant” • “Spoof resistant” defined by ability to withstand or detect civil GPS spoofing in a battery of tests performed in a spoofing testbed

  18. Spoofing Defenses Non-Cryptographic Cryptographic SSSC on L1C (Scott) J/N Sensing (Ward, Scott, Calgary) Stand-Alone NMA on L2C, L5, or L1C (MITRE, Scott, UT) All-Signals Defense (DARPA, BAE, UT) SSSC or NMA on WAAS (Scott, UT) Single-Antenna Spatial Correlation (Cornell, Calgary) Signal Forensics (TENCAP, Ledvina, Torino, UT) P(Y) Cross-Correlation (Stanford, Cornell) Networked Multi-Antenna Defense (Keys, Montgomery, DLR, Stanford)

  19. Public-Key Signal Authentication: Receiver Perspective Code Origin Authentication Code Timing Authentication • Wesson, K., Rothlisberger, M., and Humphreys, T. E., “Practical Cryptographic Civil GPS Signal Authentication,” • NAVIGATION: The Journal of the Institute of Navigation, to be published.

  20. Security Code Estimation and Replay Detection Inside the Spoofer: Security Code Chip Estimation Inside the Defender: Detection Statistic Based on Specialized Correlations

  21. Security Code Estimation and Replay Detection: Hypothesis Testing During an Attack Humphreys, T. E., “Detection Strategy for Cryptographic GNSS Anti-Spoofing,” IEEE Transactions on Aerospace and Electronic Systems, to be published.

  22. Operational Definition of GNSS Signal Authentication • GNSS signal is declared authentic if since some trustedinitialization event: • logical output S has remained low, and • logical output H1 has remained low, and • output PD has remained above an acceptable threshold

  23. Nagging Concerns • Hard to characterize the null hypothesis for a crypto defense on a dynamic platform – hard to keep false alarm rate under control • All crypto defenses ineffective against near-zero-delay meaconing (entire band record and playback) timing attacks • Civil GPS crypto defenses will probably be funded and implemented just before the heat death of the universe • Is envisioning widespread adoption of non-crypto defenses just wishful thinking?

  24. radionavlab.ae.utexas.edu

More Related